Digital content can easily and efficiently be delivered through any type of suitable network, such as a cable network, satellite and/or a computer network. Frequently, digital content is broadcast or multicast to many end users over the network. Optionally, digital content can also be efficiently delivered to individual users upon request.
However, in order for digital content to be effectively delivered to users in the context of usage rights or a commerce system, a number of mechanisms need to be provided. In particular, the digital content should be secure against theft, such that only authorized users can retrieve and consume the digital content. Furthermore, access to the digital content needs to be controlled, both against unauthorized use and also optionally to permit access to be linked to other mechanisms, such as payment schemes for example. Other types of control may include determination of an expiration time and date, limitations on the number of displays, and so forth. Such control of the access to the digital content may be generally described as digital rights management.
Failure to protect “Digital Rights” is more damaging than infringement of the same rights when applied to older, “analog” content. The reason is that older forms of content storage and transmission are subject to “generational degradation”, where each processing step decreases the quality of the next generation of the product. Digital systems do not, in the main, suffer from such generational degradation. Pirated content may therefore offer exactly the same quality as original material, such that unauthorized users may more effectively infringe digital rights with copied material.
The term “digital rights management” may optionally cover a multitude of rights, which are granted to authorized users. These rights are defined according to a plurality of rules, which regulate the circumstances under which a user is authorized to access the content. These rights may include viewing the content, storing the content, reproduction of the content, excerpting portions of the content, modifying the content, copyrights, access/usage rights, resell/transferring and so forth. These rights may be divided into a number of different phases including specification, packaging (binding the rights to content), delivery, and enforcement in the consumption environment.
Even an authorized user may have only a portion of these rights; for example, the user may be authorized to view and store the content, but not reproduce or modify the content.
In order to prevent unauthorized users from abusing these usage rights, and/or to prevent authorized users from unauthorized use of the rights, the digital content should be protected by some type of security mechanism. Examples of security mechanisms include, but are not limited to, encryption and scrambling of the content. U.S. Pat. Nos. 5,282,249 and 5,481,609 to Cohen et al., which are hereby incorporated by reference as if fully set forth herein, disclose one exemplary system, which enables secure content to be broadcast widely, yet only to be played back or otherwise displayed by authorized users. This signal could contain a television program for example. The signal is scrambled, such that the authorized users are able to unscramble the signal and play back or otherwise display the media content only with the proper security device, such as a smart card for example. Thus, widely received media content is still protected from access by unauthorized users.
The scrambled television data streams described in U.S. Pat. Nos. 5,282,249 and 5,481,609 feature both scrambled data representing television signals and coded control messages, also known as ECMs. These ECMs contain, in a coded form, data necessary for generating a control word (CW) which may be used to descramble the scrambled data representing television signals.
While U.S. Pat. Nos. 5,282,249 and 5,481,609 describe an analog system, that is, a system in which analog television data streams are broadcast to television sets, it is appreciated that similar ECM methods may also be used for digital television data streams. Generally, the scrambling techniques used for scrambling analog television signals such as, for example, the well-known “cut-and-rotate” technique, are chosen for their particular applicability to analog signals. However, scrambling of digital television signals preferably employs other techniques, which are well-known in the art and which are more appropriate to digital signals. One example of such a technique is the application of the well-known DES algorithm to the digital television signals.
Methods of transmitting a scrambled digital signal, including ECMs, are described in the MPEG-2 standard, ISO/IEC 13818-1, 15 Apr. 1996 and subsequent editions.
Another attempted solution to the problem of content protection is described in published European Patent Application No. EP 0858184 and corresponding U.S. Pat. No. 6,178,242, which disclose a digital recording protection system and which are hereby incorporated by reference as if fully set forth herein. The disclosed system enables the digital content to be sent in a scrambled format, such that the digital content cannot be read and/or displayed without a key. The key is obtained from a control message, which is only sent to authorized users. Preferably, the key is obtained from coded information contained within the Entitlement Control Message, or ECM, for generating a code word associated with the ECM. Thus, only authorized users are able to correctly read and/or display the digital content.
In addition, the system and method described in European Patent Application No. EP 0858184 enable the authorized user to record and playback or otherwise display the digital content, while preventing the user from producing and distributing multiple playable copies of the digital content to other, non-authorized users. Therefore, the authorized user is able to fully use and enjoy the digital content, while the content itself is still protected from unauthorized use.
As described in European Patent Application No. EP 0858184, and as shown in background art FIG. 1 taken from this Application, such a system includes a media device 100, such as a television set, for playing the digital content, such as a television program for example. Media device 100 is connected to an integrated receiver-decoder (IRD) 110, for receiving and decoding the scrambled digital content. The system also features a removable security element 120, such as a smart card for example, for providing control words for unscrambling, or otherwise rendering into a clear format, the scrambled digital content by IRD 110. In addition, the system features a digital VCR 130 for communicating with media device 100 and IRD 110. Digital VCR 130 is able to record the digital content for later playback and/or display by media device 100.
IRD 110 receives scrambled digital content which features a plurality of ECMs, each of which is associated with, and is typically followed by, a scrambled digital data segment, containing the actual digital content. Each ECM includes coded information which can be used to generate a code word for unscrambling the associated scrambled digital data segment. Typically, removable security element 120 generates the code word. IRD 110 is then able to descramble the scrambled digital content, for example for being played by media device 100.
Background art FIG. 2, also taken from European Patent Application No. EP 0858184, is a flow diagram illustrating the production of the scrambled digital content. As shown, the scrambled digital content is produced as an SDDS (scrambled digital data stream) 140, featuring a plurality of ECMs such as an nth ECM 145, and a plurality of associated SDSEGs such as an nth SDSEG (scrambled digital data segment) 150 which is associated with nth ECM 145. IRD 110 of FIG. 1, in cooperation with removable security element 120, is able to use SDDS 140 in order to form a recording SDDS 165. Recording SDDS 165 is produced with the addition of a TECM (transformed ECM) key, which is permanently associated with the system of FIG. 1, even if removable security element 120 is changed, replaced or exchanged, for example. This TECM key is used to make a plurality of TECMs, shown as nth TECM 175, from the code words of the ECMs. Thus, a system which did not feature the correct TECM key could not descramble the recording SDDS 165 for playing back or otherwise displaying the digital content, while the authorized user is always able to play back or otherwise display the recorded digital content as long as the TECM key is available.
One significant difference between these types of conditional access and other currently available conditional access mechanisms, is that the latter mechanisms presently rely upon a personal key that is permanently embedded in the set-top box of the user. This key enables the set-top box to decrypt permission messages for accessing (reading and/or displaying) content. However, the key cannot be renewed or altered, since it is permanently encoded in the set-top box hardware. Therefore, it is vulnerable to “sniffing” and/or otherwise being hacked.
By contrast, the previously described mechanisms (as shown for example with regard to background art FIGS. 1 and 2) do not rely upon a key being permanently stored in the set-top box. Instead, the key is stored in the removable security element, such as a smart card for example. Therefore, the key is renewable, yet can be individualized to each subscriber. This smart card itself is also vulnerable to “hacking”, as for any type of digital security mechanism, but is less vulnerable than mechanisms which rely upon a permanently embedded key.